<?PHP
//session_start();
//if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) {
	//header ("Location: login.php");
//}

//set the session variable to 1, if the user signs up. That way, they can use the site straight away
//do you want to send the user a confirmation email?
//does the user need to validate an email address, before they can use the site?
//do you want to display a message for the user that a particular username is already taken?
//test to see if the u and p are long enough
//you might also want to test if the users is already logged in. That way, they can't sign up repeatedly without closing down the browser
//other login methods - set a cookie, and read that back for every page
//collect other information: date and time of login, ip address, etc
//don't store passwords without encrypting them
$fcomname = "";
$fname = "";
$fsurname = "";
$fpword = "";
$femail = "";
$fcpword = "";
$errorMessage = "";
$num_rows = 0;

function quote_smart($value, $handle) {

   if (get_magic_quotes_gpc()) {
       $value = stripslashes($value);
   }

   if (!is_numeric($value)) {
       $value = "'" . mysql_real_escape_string($value, $handle) . "'";
   }
   return $value;
}

if ($_SERVER['REQUEST_METHOD'] == 'POST'){

	//====================================================================
	//	GET THE CHOSEN U AND P, AND CHECK IT FOR DANGEROUS CHARCTERS
	//====================================================================
	$fcomname = $_POST['comname'];
	$fname = $_POST['name'];
	$fpword = $_POST['password'];
$fsurname = $_POST['surname'];
$fcpword = $_POST['cpassword'];
$femail  = $_POST['email'];

	$fname = htmlspecialchars($fname);
	$fpword = htmlspecialchars($fpword);
	$femail = htmlspecialchars($femail);
	$fcpword = htmlspecialchars($cpassword);
	$fsurname = htmlspecialchars($fsurname);
	//====================================================================
	//	CHECK TO SEE IF U AND P ARE OF THE CORRECT LENGTH
	//	A MALICIOUS USER MIGHT TRY TO PASS A STRING THAT IS TOO LONG
	//	if no errors occur, then $errorMessage will be blank
	//====================================================================




//test to see if $errorMessage is blank
//if it is, then we can go ahead with the rest of the code
//if it's not, we can display the error

	//====================================================================
	//	Write to the database
	//====================================================================
	if ($errorMessage == "") {

require 'config.php';

	$db_handle = mysql_connect($server, $user_name, $pass_word);
	$db_found = mysql_select_db($database, $db_handle);

	if ($db_found) {

		$fname = quote_smart($fname, $db_handle);
		$fpword = quote_smart($fpword, $db_handle);
$femail = quote_smart($femail, $db_handle);
$fsurname = quote_smart($fsurname, $db_handle);
	//====================================================================
	//	CHECK THAT THE USERNAME IS NOT TAKEN
	//====================================================================

		$SQL = "SELECT * FROM members WHERE email = $femail";
		
		$result = mysql_query($SQL);
		$num_rows = mysql_num_rows($result);

		if ($num_rows > 0) {
			$errorMessage = "That email address is already being used.";
		}
		
		else {
			$SQL0 = "INSERT INTO Company (name, curbal) VALUES ('$fcomname', '0')"; 
			if ($result0 = mysql_query($SQL0)){
			$fcomid = mysql_insert_id();

			$SQL1 = "INSERT INTO members (name, surname, email, password, verified, comid, rank) VALUES ($fname,$fsurname, $femail, md5($fpword),'0',$fcomid,'0')";

		if ($result1 = mysql_query($SQL1)){
				// START EMAILING
			require 'emailverify.php';
			}
else {$errorMessage = "Your registration failed, please contact support";}}else {$errorMessage = "Your Company could not be registered";}
			mysql_close($db_handle);

		//=================================================================================
		//	START THE SESSION AND PUT SOMETHING INTO THE SESSION VARIABLE CALLED login
		//	SEND USER TO A DIFFERENT PAGE AFTER SIGN UP
		//=================================================================================
 

		//	header ("Location: index.php");

		}
		}

	}
	else {
		$errorMessage = "Database Not Found";
	}




	}




?>

	<html>
	<head>
	<title>iPetty Company Registration</title>
 <meta charset="utf-8">
  <meta name="viewport" content="initial-scale=1.0, user-scalable=no">
  <meta name="apple-mobile-web-app-capable" content="yes">
  <meta name="apple-mobile-web-app-status-bar-style" content="black">

  
  
  
  <link rel="stylesheet" href="/jquery/style.css">
  
  <!-- Extra Codiqa features -->
  <link rel="stylesheet" href="codiqa.ext.css">
    <link href="styling.css" rel="stylesheet" type="text/css">
  
  <!-- jQuery and jQuery Mobile -->
  <script src="https://d10ajoocuyu32n.cloudfront.net/jquery-1.9.1.min.js"></script>
  <script src="https://d10ajoocuyu32n.cloudfront.net/mobile/1.3.1/jquery.mobile-1.3.1.min.js"></script>

  <!-- Extra Codiqa features -->
  <script src="https://d10ajoocuyu32n.cloudfront.net/codiqa.ext.js"></script>
  <script src="jquery.validate.js"></script>
	</head>
	<body>
  <div data-theme="a" data-role="header">
        <h3>
            iPetty Company Registration
        </h3></div>
         <h4 align="center" style="color:#F00"><? echo $errorMessage;  ?> </h4>
    <h4 align="center" style="color:#0C3"><? echo $yayMessage; ?> </h4>
<p align="center"><a href="iforget.php">Forgot your password?</a>
<div id="errorBox"><ul></ul></div>
<FORM NAME ="reg" METHOD ="POST" ACTION ="register.php" id="reg">

<div data-role="fieldcontain">
            <input name="comname" id="comname" placeholder="Company Name" value="" type="text" required >
        </div>
<div data-role="fieldcontain">
            <input name="name" id="name" placeholder="Name" value="" type="text" required >
        </div>
        <div data-role="fieldcontain">
            <input name="surname" id="surname" placeholder="Surname" value="" type="text" required >
        </div>
        <div data-role="fieldcontain">
            <input name="email" id="email" placeholder="Email" value="" type="email" required class="email" >
        </div>
                <div data-role="fieldcontain">
            <input name="password" id="password" placeholder="Password" value="" type="password" >
        </div>
                        <div data-role="fieldcontain">
            <input name="cpassword" id="cpassword" placeholder="Confirm Password" value="" type="password"  required >
        </div>
<P>
<INPUT TYPE = "Submit" Name = "Submit1"  VALUE = "Register">


</FORM>
<script src="http://code.jquery.com/jquery-1.9.1.min.js"></script>
<script src="jquery.validate.js"></script>
<script src="http://jquery.bassistance.de/validate/additional-methods.js"></script>
<script>
// just for the demos, avoids form submit
jQuery.validator.setDefaults({
  debug: true,
  success: "valid"
});
$( "#reg" ).validate({
  rules: {
    password: "required",
    cpassword: {
      PassequalTo: "#password"
    }
  }
});
</script>
<P>
   <strong><p align="center"> If you have an account, please <a href="index.php">login</a></p></strong>


	</body>
	</html>
